hathor-cpp-scanner/3rdparty/hash.cc

#include <cstdio>
#include <cstring>
#include <iostream>
#include <fcntl.h>
#include <limits.h>
#include <cstdlib>
#include <math.h>
#include <unistd.h>
#include "crypt_blowfish.h"

#define BF_MAX_SALT_LEN 60
#define RANDBYTES 16
static const char base64_table[] =
	{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
	  'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
	  'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
	  'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
	  '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/', '\0'
	};

static const char base64_pad = '=';

unsigned char *php_base64_encode(const unsigned char *str, int length, int *ret_length)
{
	const unsigned char *current = str;
	unsigned char *p;
	unsigned char *result;

	if ((length + 2) < 0 || ((length + 2) / 3) >= (1 << (sizeof(int) * 8 - 2))) {
		if (ret_length != NULL) {
			*ret_length = 0;
		}
		return NULL;
	}

	result = (unsigned char *)malloc(((length + 2) / 3) * 4);
	p = result;

	while (length > 2) { /* keep going until we have less than 24 bits */
		*p++ = base64_table[current[0] >> 2];
		*p++ = base64_table[((current[0] & 0x03) << 4) + (current[1] >> 4)];
		*p++ = base64_table[((current[1] & 0x0f) << 2) + (current[2] >> 6)];
		*p++ = base64_table[current[2] & 0x3f];

		current += 3;
		length -= 3; /* we just handle 3 octets of data */
	}

	/* now deal with the tail end of things */
	if (length != 0) {
		*p++ = base64_table[current[0] >> 2];
		if (length > 1) {
			*p++ = base64_table[((current[0] & 0x03) << 4) + (current[1] >> 4)];
			*p++ = base64_table[(current[1] & 0x0f) << 2];
			*p++ = base64_pad;
		} else {
			*p++ = base64_table[(current[0] & 0x03) << 4];
			*p++ = base64_pad;
			*p++ = base64_pad;
		}
	}
	if (ret_length != NULL) {
		*ret_length = (int)(p - result);
	}
	*p = '\0';
	return result;
}
static int php_password_salt_to64(const char *str, const size_t str_len, const size_t out_len, char *ret)
{
	size_t pos = 0;
	size_t ret_len = 0;
	unsigned char *buffer;
	if ((int) str_len < 0) {
		return 1;
	}
	buffer = php_base64_encode((unsigned char*) str, (int) str_len, (int*) &ret_len);
	if (ret_len < out_len) {
		/* Too short of an encoded string generated */
		free(buffer);
		return 1;
	}
	for (pos = 0; pos < out_len; pos++) {
		if (buffer[pos] == '+') {
			ret[pos] = '.';
		} else if (buffer[pos] == '=') {
			free(buffer);
			return 1;
		} else {
			ret[pos] = buffer[pos];
		}
	}
	free(buffer);
	return 0;
}
static int blowfish_make_salt(size_t length, char *ret)
{
	int buffer_valid = 0;
	size_t i, raw_length;
	char *buffer;
	char *result;

	if (length > (INT_MAX / 3)) {
		perror("Length is too large to safely generate");
		return 1;
	}

	raw_length = length * 3 / 4 + 1;

	buffer = (char*)malloc(raw_length);

	{
		int fd, n;
		size_t read_bytes = 0;
		fd = open("/dev/urandom", O_RDONLY);
		if (fd >= 0) {
			while (read_bytes < raw_length) {
				n = read(fd, buffer + read_bytes, raw_length - read_bytes);
				if (n < 0) {
					break;
				}
				read_bytes += (size_t) n;
			}
			close(fd);
		}
		if (read_bytes >= raw_length) {
			buffer_valid = 1;
		}
	}
	if (!buffer_valid) {
		for (i = 0; i < raw_length; i++) {
			buffer[i] ^= (char) (255.0 * rand() / RAND_MAX);
		}
	}

	result = (char*)malloc(length);

	if (php_password_salt_to64(buffer, raw_length, length, result) == 1) {
		perror("Generated salt too short");
		free(buffer);
		free(result);
		return 1;
	}
	memcpy(ret, result, length);
	free(result);
	free(buffer);
	ret[length] = 0;
	return 0;
}
int password_hash(const char *pass, int cost, char *crpt)
{
  static long required_salt_len = 22;
  char *newsalt,*output, *final;
  char crypted[BF_MAX_SALT_LEN +1];
  char salt[required_salt_len];

  output = (char*)malloc(32);
  memset(crypted, 0, BF_MAX_SALT_LEN + 1);
  blowfish_make_salt(required_salt_len, salt);
  newsalt = _crypt_gensalt_blowfish_rn("$2y$", cost, salt, required_salt_len, output, 30);

  final = php_crypt_blowfish_rn(pass, newsalt,	crypted, sizeof(crypted));

  free(output);
  strcpy(crpt,final);

  return 0;
}
#ifdef BCRYPT_TEST
int main(int argc, char * argv[]) {
    char * hash;
    const char * pass = "testpassword";
    int ret;
    hash = (char*)malloc(BF_MAX_SALT_LEN +1);
    if(argc > 1) {
      ret = password_hash(argv[1], 10, hash);

    } else {
     ret = password_hash(pass,10, hash);
    }

    printf("hash : %s\n",hash);
    free(hash);
    return 0;
}
#endif
initial commit 2016-06-13 08:27:43 -07:00			`#include <cstdio>`
			`#include <cstring>`
			`#include <iostream>`
			`#include <fcntl.h>`
			`#include <limits.h>`
			`#include <cstdlib>`
			`#include <math.h>`
			`#include <unistd.h>`
			`#include "crypt_blowfish.h"`

			`#define BF_MAX_SALT_LEN 60`
			`#define RANDBYTES 16`
			`static const char base64_table[] =`
			`{ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',`
			`'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',`
			`'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',`
			`'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',`
			`'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/', '\0'`
			`};`

			`static const char base64_pad = '=';`

			`unsigned char php_base64_encode(const unsigned char str, int length, int *ret_length)`
			`{`
			`const unsigned char *current = str;`
			`unsigned char *p;`
			`unsigned char *result;`

			`if ((length + 2) < 0 \|\| ((length + 2) / 3) >= (1 << (sizeof(int) * 8 - 2))) {`
			`if (ret_length != NULL) {`
			`*ret_length = 0;`
			`}`
			`return NULL;`
			`}`

			`result = (unsigned char )malloc(((length + 2) / 3) 4);`
			`p = result;`

			`while (length > 2) { /* keep going until we have less than 24 bits */`
			`*p++ = base64_table[current[0] >> 2];`
			`*p++ = base64_table[((current[0] & 0x03) << 4) + (current[1] >> 4)];`
			`*p++ = base64_table[((current[1] & 0x0f) << 2) + (current[2] >> 6)];`
			`*p++ = base64_table[current[2] & 0x3f];`

			`current += 3;`
			`length -= 3; /* we just handle 3 octets of data */`
			`}`

			`/* now deal with the tail end of things */`
			`if (length != 0) {`
			`*p++ = base64_table[current[0] >> 2];`
			`if (length > 1) {`
			`*p++ = base64_table[((current[0] & 0x03) << 4) + (current[1] >> 4)];`
			`*p++ = base64_table[(current[1] & 0x0f) << 2];`
			`*p++ = base64_pad;`
			`} else {`
			`*p++ = base64_table[(current[0] & 0x03) << 4];`
			`*p++ = base64_pad;`
			`*p++ = base64_pad;`
			`}`
			`}`
			`if (ret_length != NULL) {`
			`*ret_length = (int)(p - result);`
			`}`
			`*p = '\0';`
			`return result;`
			`}`
			`static int php_password_salt_to64(const char str, const size_t str_len, const size_t out_len, char ret)`
			`{`
			`size_t pos = 0;`
			`size_t ret_len = 0;`
			`unsigned char *buffer;`
			`if ((int) str_len < 0) {`
			`return 1;`
			`}`
			`buffer = php_base64_encode((unsigned char) str, (int) str_len, (int) &ret_len);`
			`if (ret_len < out_len) {`
			`/* Too short of an encoded string generated */`
			`free(buffer);`
			`return 1;`
			`}`
			`for (pos = 0; pos < out_len; pos++) {`
			`if (buffer[pos] == '+') {`
			`ret[pos] = '.';`
			`} else if (buffer[pos] == '=') {`
			`free(buffer);`
			`return 1;`
			`} else {`
			`ret[pos] = buffer[pos];`
			`}`
			`}`
			`free(buffer);`
			`return 0;`
			`}`
			`static int blowfish_make_salt(size_t length, char *ret)`
			`{`
			`int buffer_valid = 0;`
			`size_t i, raw_length;`
			`char *buffer;`
			`char *result;`

			`if (length > (INT_MAX / 3)) {`
			`perror("Length is too large to safely generate");`
			`return 1;`
			`}`

			`raw_length = length * 3 / 4 + 1;`

			`buffer = (char*)malloc(raw_length);`

			`{`
			`int fd, n;`
			`size_t read_bytes = 0;`
			`fd = open("/dev/urandom", O_RDONLY);`
			`if (fd >= 0) {`
			`while (read_bytes < raw_length) {`
			`n = read(fd, buffer + read_bytes, raw_length - read_bytes);`
			`if (n < 0) {`
			`break;`
			`}`
			`read_bytes += (size_t) n;`
			`}`
			`close(fd);`
			`}`
			`if (read_bytes >= raw_length) {`
			`buffer_valid = 1;`
			`}`
			`}`
			`if (!buffer_valid) {`
			`for (i = 0; i < raw_length; i++) {`
			`buffer[i] ^= (char) (255.0 * rand() / RAND_MAX);`
			`}`
			`}`

			`result = (char*)malloc(length);`

			`if (php_password_salt_to64(buffer, raw_length, length, result) == 1) {`
			`perror("Generated salt too short");`
			`free(buffer);`
			`free(result);`
			`return 1;`
			`}`
			`memcpy(ret, result, length);`
			`free(result);`
			`free(buffer);`
			`ret[length] = 0;`
			`return 0;`
			`}`
			`int password_hash(const char pass, int cost, char crpt)`
			`{`
			`static long required_salt_len = 22;`
			`char newsalt,output, *final;`
			`char crypted[BF_MAX_SALT_LEN +1];`
			`char salt[required_salt_len];`

			`output = (char*)malloc(32);`
			`memset(crypted, 0, BF_MAX_SALT_LEN + 1);`
			`blowfish_make_salt(required_salt_len, salt);`
			`newsalt = _crypt_gensalt_blowfish_rn("$2y$", cost, salt, required_salt_len, output, 30);`

			`final = php_crypt_blowfish_rn(pass, newsalt, crypted, sizeof(crypted));`

			`free(output);`
			`strcpy(crpt,final);`

			`return 0;`
			`}`
			`#ifdef BCRYPT_TEST`
			`int main(int argc, char * argv[]) {`
			`char * hash;`
			`const char * pass = "testpassword";`
			`int ret;`
			`hash = (char*)malloc(BF_MAX_SALT_LEN +1);`
			`if(argc > 1) {`
			`ret = password_hash(argv[1], 10, hash);`

			`} else {`
			`ret = password_hash(pass,10, hash);`
			`}`

			`printf("hash : %s\n",hash);`
			`free(hash);`
			`return 0;`
			`}`
			`#endif`